c9fad75d64365c108b7be0a9cf44ef500db8dd2bfb7735fb6610e355620ff47b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

457f7ae9a5c5ea3b92302ad704cf9334_JaffaCakes118
Size

29KB
Sample

240714-mylz7szdrc
MD5

457f7ae9a5c5ea3b92302ad704cf9334
SHA1

b2a6e37ee3ae1a2b9d6cba55429450b16b79254d
SHA256

c9fad75d64365c108b7be0a9cf44ef500db8dd2bfb7735fb6610e355620ff47b
SHA512

a1fae7cf0787ff7bd2d0eadeeddd5c877d51b3273f6565bcf5355a7518221c09e190abb909a74dfeda15a68f47faeed626e14a29ccc42f1ffb0c5bfdc1cdb86c
SSDEEP

384:21AwaNBftLAZoUiRpYFUyO1MCsKmmfsI8YETlEDfOM1I:UAvLZ+jbssI8pT0fOM1I

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  457f7ae9a5c5ea3b92302ad704cf9334_JaffaCakes118
- Size
  
  29KB
- MD5
  
  457f7ae9a5c5ea3b92302ad704cf9334
- SHA1
  
  b2a6e37ee3ae1a2b9d6cba55429450b16b79254d
- SHA256
  
  c9fad75d64365c108b7be0a9cf44ef500db8dd2bfb7735fb6610e355620ff47b
- SHA512
  
  a1fae7cf0787ff7bd2d0eadeeddd5c877d51b3273f6565bcf5355a7518221c09e190abb909a74dfeda15a68f47faeed626e14a29ccc42f1ffb0c5bfdc1cdb86c
- SSDEEP
  
  384:21AwaNBftLAZoUiRpYFUyO1MCsKmmfsI8YETlEDfOM1I:UAvLZ+jbssI8pT0fOM1I
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies firewall policy service
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence